CVE-2023-41970

CVE Database · CVE-2023-41970

CVE-2023-41970

· MEDIUMAnalyzed

CVSS v3.1

6.0

EPSS

0.11%

Published

May 2, 2024

Modified

Feb 19, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on Windows during the Repair App functionality may allow Local Execution of Code.This issue affects Client Connector on Windows: before 4.1.0.62.

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L

Weaknesses (CWE)

CWE-354

Affected Products (1)

zscaler · client_connector (up to 4.1.0.62)vulnerable

References (2)

https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=windows&applicable_version=4.1

Vendor AdvisoryRelease Notes

https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=windows&applicable_version=4.1

Vendor AdvisoryRelease Notes

KEV Catalog EPSS Scores Vendors All CVEs